Lighttpd, fastcgi, php and eAccelerator

lighttpd is a lightweight httpd server I came across on (thanks michel_v!)
It took a while but I got it working on a server and it’s rather nice. You can run php scripts through it using the fastcgi interface. Here’s how I installed it on a Debian machine. Lines starting with “#” are commands that should be entered as the root user. (lots ripped from this tutorial)

# wget http://www.lighttpd.net/download/lighttpd-1.3.13.tar.gz
# tar zxvf lighttpd-1.3.13.tar.gz
# cd lighttpd-1.3.13
# dpkg-buildpackage

dpkg-buildpackage can be found in the package “cvs-buildpackage”. You’ll have to install a number of dependencies before this works; just apt-get install each missing package as it comes up.

# cd ..
# dpkg -i lighttpd_1.3.13-1_i386.deb

This will install lighttpd and start it.
Now you need to install and configure php:

# apt-get install php4-cgi
# vi /etc/lighttpd/lighttpd.conf

Look for the fastcgi.server section for php4 and change it so it looks like this:

fastcgi.server = ( ".php" =>
  ( "localhost" =>
    (
      "socket" => "/tmp/php-fastcgi.socket",
      "bin-path" => "/usr/bin/php4-cgi"
    )
  )
)

Download eaccelerator from their site and follow the instructions in the README. If you haven’t got phpize then install php4-dev.
Open up /etc/php4/cgi/php.ini and add the following at the top of the file:

  extension="eaccelerator.so"
  eaccelerator.shm_size="32"
  eaccelerator.cache_dir="/tmp/eaccelerator"
  eaccelerator.enable="1"
  eaccelerator.optimizer="1"
  eaccelerator.check_mtime="1"
  eaccelerator.debug="0"
  eaccelerator.filter=""
  eaccelerator.shm_max="0"
  eaccelerator.shm_ttl="1800"
  eaccelerator.shm_prune_period="1800"
  eaccelerator.shm_only="0"
  eaccelerator.compress="1"
  eaccelerator.compress_level="9"
  eaccelerator.content="shm_and_disk"

You’ll have to create the tmp directory yourself. Read the README file and config docs for instructions on using the web frontend to the accelerator.

I think that’s it, have I forgotten anything?

Bye bye Referer Spammers!

Take a quick look at your logfiles any time and you’re likely to see referer spam in there somewhere. Not only do those requests pollute your log files and stats pages, but they also consume resources on your server when you serve pages that aren’t even going to be viewed by anyone. Here’s one way of stopping the spammers from eating into your server resources:

  • Look through your logfiles and examine the referers. Here’s a quick bit of code to do that (field 11 is the quoted referer in the combined log format; the numeric sort puts the busiest referers first):
    awk '{print $11}' < /var/log/apache2/access_log | sort | uniq -c | sort -rn | grep -v "mydomain.com" | less
  • Copy and paste any likely looking referer spam sites somewhere else for safe keeping. The ones that use most of your resources will be at the top of the list.
  • Add this code to some page that every page on your site loads; it should be included before the main execution of the page occurs. Fill in the array of referer sites with the list you assembled from your log file. I’ve added a few from this morning’s log file.
    if( isset( $_SERVER["HTTP_REFERER"] ) )
    {
        // Referer strings gathered from the log file; any request whose
        // Referer header contains one of these is dropped before the page runs.
        $referers_to_avoid = array(
                "ttp://texas-holdem.andrewsaluk.com",
                "ttp://www.highprofitclub.com/",
                "ttp://www.sex4singles.com/",
                "ttp://www.parishillton.com/",
                "ttp://www.moneylinebet.com/",
                "ttp://www.free-hentai-anime-sex.com",
                "ttp://www.bondage-bdsm.us",
                "ttp://www.handjob-movies.us",
                "ttp://www.zoothumbnails.com",
                "ttp://www.bestiality-animal-sex-stories.com",
                "ttp://www.gay-men-sex-movies.com",
                "ttp://russ-darrow-kia.gq.nu/",
                "ttp://nissan-xterra.sbn.bz/",
                "ttp://nissan-thermos.gq.nu/",
                "ttp://folding-chair.wol.bz/",
                "ttp://www.xcites-0-cost-interracial-cum-teen-sex-movie.com"
        );
        foreach( $referers_to_avoid as $val )
        {
            // strpos() returns 0 for a match at the very start of the string,
            // so compare against false explicitly rather than relying on truthiness.
            if( strpos( $_SERVER["HTTP_REFERER"], $val ) !== false )
            {
                die();
            }
        }
    }
  • Add an error_log() to the “if” condition to spot when a spammer visits.
  • Add this to index.php of a WordPress installation to protect your blog and make your legitimate requests go that much faster!
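A defender-side version of the two steps above (ranking referer hosts from the log, then matching the blocklist on the referer's hostname instead of a substring of the whole URL), added here as an example and not part of the original post. The log lines are constructed, and the blocklist entry is taken from the list above:

```python
import re
from collections import Counter
from urllib.parse import urlparse

# Constructed sample lines in Apache/lighttpd "combined" log format (not from the post's server).
SAMPLE_LOG = """\
1.2.3.4 - - [10/Feb/2005:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5123 "http://www.sex4singles.com/" "Mozilla/4.0"
1.2.3.5 - - [10/Feb/2005:10:01:03 +0000] "GET /about/ HTTP/1.1" 200 812 "http://mydomain.com/index.php" "Mozilla/5.0"
1.2.3.6 - - [10/Feb/2005:10:01:04 +0000] "GET /index.php HTTP/1.1" 200 5123 "http://www.sex4singles.com/" "Mozilla/4.0"
1.2.3.7 - - [10/Feb/2005:10:01:05 +0000] "GET /feed/ HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
1.2.3.8 - - [10/Feb/2005:10:01:06 +0000] "GET /index.php HTTP/1.1" 200 5123 "http://nissan-xterra.sbn.bz/" "Mozilla/4.0"
"""

# The referer is the second-last quoted field; anchoring on the quoted fields is safer
# than awk's $11 because request paths and user agents can contain spaces.
LINE_RE = re.compile(r'"[^"]*" \d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$')


def referer_host(referer):
    """Return the lowercase hostname of a referer URL, or None if absent or unparseable."""
    if not referer or referer == "-":
        return None
    host = urlparse(referer).hostname
    return host.lower() if host else None


def top_referer_hosts(log_text, own_domain):
    """Count referer hosts, dropping empty referers and the site's own domain."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        host = referer_host(m.group("referer"))
        if host is None or host == own_domain or host.endswith("." + own_domain):
            continue
        counts[host] += 1
    return counts.most_common()


def is_spam_referer(referer, blocklist):
    """Block on exact host or subdomain match, so "notsex4singles.com" is not caught by accident."""
    host = referer_host(referer)
    if host is None:
        return False
    return any(host == bad or host.endswith("." + bad) for bad in blocklist)
```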

Multiple Browsers URL Spoofing Security Issue

This recently publicised problem with almost all browsers (except IE) occurs when “domain names with certain international characters” look like common domain names. It’s not a new issue, however; it has been a well-known problem for several years.
You can test your own browser by following this link – does the URL say http://www.paypal.com/?
For Firefox users there’s Spoof Stick which “prominently displays only the most relevant domain information”. It’s not foolproof though, and Secunia recommends that users:

Don’t follow links from untrusted sources.
Manually type the URL in the address bar.

Later… Richard Eibrand has the scoop in an ILUG post. Here’s how to disable this feature in Firefox:

  • Visit about:config
  • Search for “idn” in the search box.
  • By default it’ll be “true”; double-click on it to set it to false.
  • You don’t need to restart your browser, just go to the test page to see if it works. It did for me!

As a side note, Fuzzbucket says that IDN isn’t used much, so it might be worthwhile having it disabled by default!
Later Still… That’s only a temporary fix as it’s reset the next time you restart Firefox. Here’s a more permanent fix using an extension that warns of IDN characters – Japanese and other sites that use those characters will still work!
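The kind of check such a warning extension can make, added here as an example and not code from the post or from any extension it mentions: convert the hostname to its ASCII (punycode) form so it can be shown as-is, and flag any label that mixes scripts, which is the lookalike pattern described above. The script buckets are a deliberately coarse assumption (Latin, Cyrillic, Greek); the lookalike hostname is constructed.

```python
import unicodedata


def script_of(ch):
    """Coarse script bucket taken from the Unicode character name (assumption: enough for this check)."""
    name = unicodedata.name(ch, "")
    for script in ("LATIN", "CYRILLIC", "GREEK"):
        if name.startswith(script):
            return script
    return "OTHER"


def idn_labels(host):
    """Return the ASCII (punycode) form plus, per label, the set of scripts its letters use."""
    ascii_form = host.encode("idna").decode("ascii")
    labels = []
    for label in host.split("."):
        scripts = {script_of(c) for c in label if c.isalpha()}
        labels.append((label, scripts))
    return ascii_form, labels


def looks_like_homograph(host):
    """Return (ascii_form, mixed_labels); a non-empty list means the name should be shown in punycode and warned about."""
    ascii_form, labels = idn_labels(host)
    mixed = [label for label, scripts in labels if len(scripts) > 1]
    return ascii_form, mixed


# Constructed lookalike: Latin "p" followed by Cyrillic small a (U+0430), then Latin "ypal".
LOOKALIKE = "p\u0430ypal.com"
```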